Hi,
I created a snippet rule to add NONCE to my pages.
When I view the page, I receive a blank page:
https://www.infinitesweeps.com/click/?SID=287793&testtesttest
I think it’s because that link it hitting a WAF rule.
Here is the link to my snippet: https://dash.cloudflare.com/c05d7c895181242fe24a0fbb9bee1193/infinitesweeps.com/rules/snippets/edit/code-vscode/noonce_clicks
The part that seems to be failing is where I check to see if my actual HTML page was returned, and if not try setting the original response..
if(!htmlnew.includes('<title>Redirecting..</title>')){
console.log('fail..');
return new Response(htmlnew, {
headers: headers
})
}
Am I doing something wrong? If my request hit’s a “Challenge”, shouldn’t the original response and headers load it correctly? I see a 200 response with a blank page..
I have a WAF rule for if querystring contains captcha=1, then javascript challenge.
So my doing a 302 redirect from the page snippet request is causing something to become blank.
how to replicate:
/click/?SID=287793&testtesttest - Page Snippet
Request/click/?SID=287793&testtesttest to Origin, which 302’s to /click/?SID=287793&testtesttest&captcha=1
This causes WAF Rule with querystring (captcha=1) to do a WAF Javascript Challenge
This is making:
const response = await fetch(request);
Break and somehow blank. I am not able to take that WAF Javascript Challenge response and send it via the page snippet to the user.